Scribd Logo
Carica

Benvenuto in Scribd!

  • Capkun

    Caricato da

    nanoteraCH
    171 visualizzazioni19 pagine
    SOETC Conference

    Titolo originale

    capkun

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    SOETC Conference

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    171 visualizzazioni19 pagine

    Capkun

    Caricato da

    nanoteraCH
    SOETC Conference

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 19

    Secure

    Posi+oning and its Applica+ons


    Srdjan apkun
    ETH Zurich

    All photographs, imagery, media belong to their respective owners/creators.

    Wireless Ranging and Posi+oning Systems


    Coverage

    GPS/Galileo Terrestrial
    (GNSS) (e.g. Loran)

    100m 1km

    Rural

    10m

    Wide-Area

    Room

    1m

    10km

    100km

    Wide range of techniques and


    underlying radio technologies.

    Sub-
    Room

    Cellular
    Networks

    UWB

    Dier in ranges, precision, power


    consump+on.

    Urban

    Indoor RF

    WLAN

    Sound
    RFID
    Infrared

    Accuracy
    1cm

    10cm

    1m

    10m

    100m 1km

    Time of Flight techniques clear


    winners:
    - GPS/Galileo
    - UWB: 15cm acc., 500m range

    Applica+ons
    Already Many Applica<ons:
    Access Control, Payments
    Naviga+on, Synchroniza+on
    UAV, Real-+me Tracking,

    Passive Keyless Entry and Start

    Applica+ons
    Already Many Applica<ons:
    Access Control, Payments
    Naviga+on, Synchroniza+on
    UAV, Real-+me Tracking,

    Passive Keyless Entry and Start

    many more to come:


    Industrial & home automa+on,
    IoT, Robo+cs, Self-Driving Cars

    AXacks: Posi+oning Techniques are Insecure

    We published this aXack in 2011.


    All cars s+ll vulnerable in 2016.
    (physical layer needs to be changed)

    AXacks: Posi+oning Techniques are Insecure

    We published this aXack in 2011.


    All cars s+ll vulnerable in 2016.
    (physical layer needs to be changed)

    AXacks: Posi+oning Techniques are Insecure


    many published aAacks:
    PKES, GPS, WiFi, Cellular, TDOA,
    802.15.4, Ultrasonic, Chirp SS,
    Phase Ranging, NFC

    We published this aXack in 2011.


    All cars s+ll vulnerable in 2016.
    (physical layer needs to be changed)

    Our Projects: GNSS and RTToF

    Our Projects: GNSS and RTToF

    GPS/Galileo:
    Unidirec<onal ToA
    Outdoor only, 3-10m precision
    Fundamentally Insecure

    (but something can be done


    assuming geographically
    restricted a=ackers)

    Our Projects: GNSS and RTToF

    GPS/Galileo:
    Unidirec<onal ToA
    Outdoor only, 3-10m precision
    Fundamentally Insecure

    (but something can be done


    assuming geographically
    restricted a=ackers)

    Round-Trip Time of Flight:


    Bidirec<onal
    Indoor & outdoor,
    High precision (15cm)
    Infrastructure-free mode
    Can Enable Secure Posi+oning

    => A Paradigm Change

    Project 1:
    Secure, Precise, Low Power Distance Measurement
    - UWB Round-Trip Time of Flight
    - 6-8GHz, 500MHz bandwidth
    - Range: 150m (LoS) / Accuracy: 15cm (LoS)
    - Avg. consump+on 10mA, comparable to BLE
    (30M measurements / coin ba=ery)
    - Dura+on of single distance measurement: 1ms
    - Data communica+on: 250kbps
    - Iden+ca+on and Mutual Authen+ca+on
    - Secure = Prevents Relay AAacks

    Project 1:
    Secure, Precise, Low Power Distance Measurement
    - UWB Round-Trip Time of Flight
    - 6-8GHz, 500MHz bandwidth
    - Range: 150m (LoS) / Accuracy: 15cm (LoS)
    - Avg. consump+on 10mA, comparable to BLE
    (30M measurements / coin ba=ery)
    - Dura+on of single distance measurement: 1ms
    - Data communica+on: 250kbps
    - Iden+ca+on and Mutual Authen+ca+on
    - Secure = Prevents Relay AAacks

    includes antenna, controller, and secure distance measurement chip

    Proximity Based Authoriza+on and Access Control


    Example applica+ons:
    If key fob close (1m) to the car/door => unlock the car/door
    If laptop close (1m) to the access point => allow network access
    If phone in the building/room => allow access to data
    if phone/card close (20cm) to the terminal => execute payment
    If bracelet close (10cm) to the gun => allow the gun to be red
    If two devices close (10cm) => establish keys

    Proximity Based Authoriza+on and Access Control


    Example applica+ons:
    If key fob close (1m) to the car/door => unlock the car/door
    If laptop close (1m) to the access point => allow network access
    If phone in the building/room => allow access to data
    if phone/card close (20cm) to the terminal => execute payment
    If bracelet close (10cm) to the gun => allow the gun to be red
    If two devices close (10cm) => establish keys

    Intui+ve, non-interac+ve approach to authorizing access to


    physical spaces, data and to the execu+on of services.

    Project 2:
    SPREE - Spoong Resilient GNSS Receiver
    - SPREE: the rst GPS receiver capable of detec+ng
    (up to an accuracy) all known spoong aXacks on civilian GPS.
    - SPREE is based on GNSS-SDR and open source

    [MobiCom 2016]

    hXps://www.spree-gnss.ch/

    Project 3:
    Sound-Proof: Proximity-Based 2nd Factor Authen+ca+on
    If phone is close to PC => login
    Non-interac+ve, No specialized tokens

    [Usenix Security 2015]

    Project 3:
    Sound-Proof: Proximity-Based 2nd Factor Authen+ca+on
    If phone is close to PC => login
    Non-interac+ve, No specialized tokens
    Phone and Browser (Script)
    communicate (sound) => check proximity.
    record ambient noise => check proximity.

    [Usenix Security 2015]

    Project 3:
    Sound-Proof: Proximity-Based 2nd Factor Authen+ca+on
    If phone is close to PC => login
    Non-interac+ve, No specialized tokens
    Phone and Browser (Script)
    communicate (sound) => check proximity.
    record ambient noise => check proximity.
    Easy deployment (no new SW on PC)
    Con+nuous Authen+ca+on

    [Usenix Security 2015]

    More Informa+on
    Srdjan apkun
    capkuns@inf.ethz.ch

    Potrebbero piacerti anche